Translate

GNSO Council Report to the ICANN Board

Policy recommendation and advice on a procedure for handling conflicts between a registrar/registry's legal obligations under privacy laws and their contractual obligations to ICANN

This is the GNSO Council report to the ICANN Board as specified in the ICANN Bylaws, Annex A, section 11. The lettered items below follow the report sequence set out in the Bylaws.

a. A clear statement of any Supermajority Vote recommendation of the Council:

At its meeting on 28 November, 2005, the GNSO Council voted in favour of the following consensus policy recommendation of the WHOIS task force. There were 26 votes in favour and one abstention (Avri Doria abstained, saying the recommendation does not sufficiently protect privacy.).

"In order to facilitate reconciliation of any conflicts between local/national mandatory privacy laws or regulations and applicable provisions of the ICANN contract regarding the collection, display and distribution of personal data via the gTLD WHOIS service, ICANN should:

Develop and publicly document a procedure for dealing with the situation in which a registrar or registry can credibly demonstrate that it is legally prevented by local/national privacy laws or regulations from fully complying with applicable provisions of its ICANN contract regarding the collection, display and distribution of personal data via the gTLD WHOIS service.

Create goals for the procedure which include:

Ensuring that ICANN staff is informed of a conflict at the earliest appropriate juncture;

Resolving the conflict, if possible, in a manner conducive to ICANN's Mission, applicable Core Values and the stability and uniformity of the Whois system;

Providing a mechanism for the recognition, if appropriate, in circumstances where the conflict cannot be otherwise resolved, of an exception to contractual obligations to those registries/registrars to which the specific conflict applies with regard to collection, display and distribution of personally identifiable data via the gTLD WHOIS service; and

Preserving sufficient flexibility for ICANN staff to respond to particular factual situations as they arise.

The GNSO recommends the ICANN staff consider the advice given in the task force report as to a recommended procedure."

The GNSO Council's WHOIS Task Force also produced Well-developed advice on a procedure for handling WHOIS conflicts with privacy law. The task force encouraged ICANN staff to use the principles in this advice as a starting point for developing the procedure called for in the Consensus Policy Recommendation. (The text of the advice directly follows that of the consensus policy recommendation in the final report submitted to the GNSO Council, and attached as Annex 2 to this Board Report.)

b. If a Supermajority Vote was not reached, a clear statement of all positions held by Council members.

As a Supermajority vote on this recommendation was reached, it is not necessary to include a statement of positions held by all Council members.

c. An analysis of how the issue would affect each constituency, including any financial impact on the constituency;

(i) Commercial and Business Users Constituency (BC)

The BC did not include in its constituency statement an explicit analysis of the effect on the constituency. The BC did note that transparency of processes was beneficial. The issue does not appear to have a direct financial impact on the BC.

(ii) Non-Commercial Users Constituency (NCUC)

The NCUC did not include in its constituency statement an explicit analysis of the effect on the constituency. The issue does not appear to have a direct financial impact on the NCUC.

(iii) Intellectual Property Constituency (IPC)

In its constituency statement the IPC said "a sound policy in this area would benefit the constituency, whose members rely upon public access to Whois data to manage their domain name portfolios, enforce their rights against copyright and trademark infringers, and combat cybersquatting, among other purposes. The lack of a policy in this area could ultimately reduce this access to Whois data, make access less uniform and predictable, reduce transparency and accountability, and encourage infringers and other violators to utilize particular registrars or registries in order to evade detection or enforcement efforts. This would have an adverse financial impact on constituency members."

(iv) Registrar Constituency (RrC)

The RrC did not include in its constituency statement an explicit analysis of the effect on the constituency. The issue does have a direct material effect on the RrC as it concerns a potential conflict of registrars' contractual requirements with their national or local privacy laws. The procedure to be developed would provide a mechanism for dealing with future conflicts of this type. It is not anticipated that this procedure would have an adverse financial impact on registrars.

(v) gTLD Registries Constituency (RyC)

In its constituency statement the RyC said the recommendation "would assist the members of the RyC in fulfilling their legal obligations in their respective jurisdictions. It should be noted, however, that the Policy/Advice Recommendation 2 does not purport to provide complete assurance that potential conflicts can be avoided or resolved."

The ISPCP did not include in its constituency statement an explicit analysis of the effect on the constituency. The issue does not appear to have a direct financial impact on the ISPCP.

The recommendation is expected to have a positive impact overall. While there has not yet been a reported instance of an enforcement action in relation to a conflict of the RAA WHOIS obligations and national law, the existence of a procedure for dealing with such a conflict will provide clarity and reassurance for registries and registrars. The other constituencies also supported the recommendation.

d. Analysis of the period of time that would likely be necessary to implement the policy

If this recommendation is adopted by the ICANN Board as a consensus policy, its implementation will not require staffing changes, nor will it affect the overall budget. Staff resources will be required to develop a procedure as recommended by the GNSO Council and its task force. The time of the GNSO Council will also be needed to ensure the procedure is in accordance with the Council's wishes.

Staff anticipates that the implementation work — i.e. the development of a procedure implementing the recommendation - will be completed within two months of a Board resolution to adopt this recommendation.

e. The advice of any outside advisors relied upon

No outside advisors were relied upon in the development of this policy recommendation.

f. The Final Report submitted to the Council

The Final task force report on a policy recommendation and advice on a procedure for handling conflicts between a registrar/registry's legal obligations under privacy laws and their contractual obligations to ICANN is available at http://gnso.icann.org/issues/tf-final-rpt-25oct05.htm .

g. A copy of the minutes of the Council deliberation on the policy issue

The minutes of the relevant GNSO Council meeting are included in this report in Annex 1.

Annex 1 — excerpt from the minutes of the GNSO Council deliberation and vote on this issue.

- vote on final recommendation as completed by the WHOIS task force on19 Oct

Bruce Tonkin noted that the "advice" as set forth was not consensus policy.

Niklas Lagergren stated that the task force Final Report was supported unanimously by the WHOIS task force.

Ross Rader, a member of the task force raised a procedural question that after the task force had already voted on the final report, it should be made precise that reference was to the gTLD WHOIS service and did not refer to the protocol, the RIR WHOIS service or the country code WHOIS service.

Tom Keller seconded by Niklas Lagergren proposed that:

The GNSO votes in favour of the following consensus policy recommendation from the WHOIS task force

"In order to facilitate reconciliation of any conflicts between local/national mandatory privacy laws or regulations and applicable provisions of the ICANN contract regarding the collection, display and distribution of personal data via the gTLD Whois service, ICANN should:

Develop and publicly document a procedure for dealing with the situation in which a registrar or registry can credibly demonstrate that it is legally prevented by local/national privacy laws or regulations from fully complying with applicable provisions of its ICANN contract regarding the collection, display and distribution of personal data via the gTLD WHOIS service.

Create goals for the procedure which include:

Ensuring that ICANN staff is informed of a conflict at the earliest appropriate juncture;

Resolving the conflict, if possible, in a manner conducive to ICANN's Mission, applicable Core Values and the stability and uniformity of the Whois system;

Providing a mechanism for the recognition, if appropriate, in circumstances where the conflict cannot be otherwise resolved, of an exception to contractual obligations to those registries/registrars to which the specific conflict applies with regard to collection, display and distribution of personally identifiable data via the gTLD WHOIS service; and

Preserving sufficient flexibility for ICANN staff to respond to particular factual situations as they arise.

The GNSO recommends the ICANN staff consider the advice given in the task force report as to a recommended procedure."

Bruce Tonkin called for formal roll call vote.

The motion carried.

26 Votes in support

Abstention by Avri Doria (appointed to the Council by the Nominating Committee). Reason: Does not believe goes far enough in protecting privacy.

10 January 2006

Author: ICANN — Maria Farrell Version 1.1

Comments concerning the layout, construction and functionality of this site should be sent to webmaster [at] gnso.icann.org

We have updated our privacy policies and certain website terms of service to provide greater transparency, promote simplification, and align with recent changes in privacy laws applicable to us. Learn more.OK